/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement Qubes Management API methods #2622

Open
woju opened this Issue Feb 8, 2017 · 2 comments

Comments

Assignees

@woju woju

Labels
Projects
None yet
Milestone
  Release 4.1
3 participants
@woju @marmarek @andrewdavidwong
@woju
Member

woju commented Feb 8, 2017
edited by marmarek
Edited 1 time
  • @marmarek marmarek edited Jul 7, 2017 (most recent)

  • mgmt.property.List
  • mgmt.property.Get
  • mgmt.property.Help
  • mgmt.property.Reset
  • mgmt.property.Set
  • mgmt.property.Set
  • mgmt.vmclass.List
  • mgmt.vm.List
  • mgmt.vm.Create.<class>
  • mgmt.vm.CreateInPool.<class>
  • mgmt.vm.property.List
  • mgmt.vm.property.Get
  • mgmt.vm.property.Help
  • mgmt.vm.property.Reset
  • mgmt.vm.feature.List
  • mgmt.vm.feature.Get
  • mgmt.vm.feature.CheckWithTemplate
  • mgmt.vm.feature.Remove
  • mgmt.vm.feature.Set
  • mgmt.vm.tag.List
  • mgmt.vm.tag.Get
  • mgmt.vm.tag.Remove
  • mgmt.vm.tag.Set
  • mgmt.vm.firewall.Get
  • mgmt.vm.firewall.Set
  • mgmt.vm.firewall.Reload
  • mgmt.vm.device.<class>.Attach
  • mgmt.vm.device.<class>.Detach
  • mgmt.vm.device.<class>.List
  • mgmt.vm.device.<class>.Available
  • mgmt.pool.ListDrivers
  • mgmt.pool.List
  • mgmt.pool.Info
  • mgmt.pool.Add
  • mgmt.pool.Remove
  • mgmt.pool.volume.List
  • mgmt.pool.volume.Info
  • mgmt.pool.volume.ListSnapshots
  • mgmt.pool.volume.Snapshot
  • mgmt.pool.volume.Revert
  • mgmt.pool.volume.Resize
  • mgmt.vm.volume.List
  • mgmt.vm.volume.Info
  • mgmt.vm.volume.ListSnapshots
  • mgmt.vm.volume.Snapshot
  • mgmt.vm.volume.Revert
  • mgmt.vm.volume.Resize
  • mgmt.vm.volume.Import
  • mgmt.vm.volume.CloneFrom
  • mgmt.vm.volume.CloneTo
  • mgmt.vm.Start
  • mgmt.vm.Shutdown
  • mgmt.vm.Pause
  • mgmt.vm.Unpause
  • mgmt.vm.Kill
  • mgmt.label.List
  • mgmt.label.Get
  • mgmt.label.Create
  • mgmt.label.Remove
  • mgmt.backup.Execute
  • mgmt.backup.Info
  • mgmt.Events

@woju woju added C: core task labels Feb 8, 2017

@woju woju added this to the Release 4.0 milestone Feb 8, 2017

@woju woju self-assigned this Feb 8, 2017

@woju

This comment has been minimized.

Show comment
Hide comment
@woju

woju Feb 8, 2017

Member

For documentation see https://www.qubes-os.org/doc/mgmt1/.

Cc: @marmarek
Member

woju commented Feb 8, 2017

For documentation see https://www.qubes-os.org/doc/mgmt1/.

Cc: @marmarek

@woju woju added the C: mgmt label Feb 8, 2017

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 10, 2017

@woju
qubes/mgmt: move mgmt api to separate module 
QubesOS/qubes-issues#2622
c12fc74

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 10, 2017

@woju
qubes/mgmt: mgmt.vm.property.List 
QubesOS/qubes-issues#2622
02639b8

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 10, 2017

@woju
qubesd: improve exception handling 
QubesOS/qubes-issues#2622
323532f

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 10, 2017

@woju
qubesd: improve exception handling 
QubesOS/qubes-issues#2622
e8a5bc9

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 15, 2017

@woju
qubes/mgmt: mgmt.vm.property.Help 
QubesOS/qubes-issues#2622
ada0437

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 15, 2017

@woju
qubes/mgmt: mgmt.vm.property.Reset 
QubesOS/qubes-issues#2622
8e678c0

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 21, 2017

@woju
qubes/tools/qubesd: add response header 
QubesOS/qubes-issues#2622
fbd5de6

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 21, 2017

@woju
qubes/events: they accept only keyword arguments 
Positional arguments are hereby deprecated, with immediate effect.

QubesOS/qubes-issues#2622
ec803f7

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 21, 2017

@woju
qubes/tools/qubesd: add response header 
QubesOS/qubes-issues#2622
48f10a7

woju added a commit to woju/qubes-core-admin that referenced this issue Feb 21, 2017

@woju
qubes/events: they accept only keyword arguments 
Positional arguments are hereby deprecated, with immediate effect.

QubesOS/qubes-issues#2622
be53db4

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 1, 2017

@woju
qubesd+mgmt: convert mgmt functions to coroutines 
QubesOS/qubes-issues#2622
f37895e

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 1, 2017

@woju
qubesd+mgmt: convert mgmt functions to coroutines 
QubesOS/qubes-issues#2622
865ab10

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 9, 2017

@marmarek
mgmt: implement storage-related methods 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
5ce5e5f

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 15, 2017

@marmarek
mgmt: encode property type in property.Get 
This also require having property.type public.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
67eedef

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 15, 2017

@marmarek
mgmt: implement mgmt.vm.property.Set 
Sanitization of input value is tricky here, and also very important at
the same time. If property define value type (and it's something more
specific than 'str'), use that. Otherwise allow only printable ASCII
characters, and let appropriate event and setter handle value.
At this point I've reviewed all QubesVM properties in this category and
added appropriate setters where needed.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
8f748b8

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 15, 2017

@marmarek
mgmt: add label-related calls 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
1180c11

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
mgmt: implement storage-related methods 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
fb7bd68

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
mgmt: encode property type in property.Get 
This also require having property.type public.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
dbf2066

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
mgmt: implement mgmt.vm.property.Set 
Sanitization of input value is tricky here, and also very important at
the same time. If property define value type (and it's something more
specific than 'str'), use that. Otherwise allow only printable ASCII
characters, and let appropriate event and setter handle value.
At this point I've reviewed all QubesVM properties in this category and
added appropriate setters where needed.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
868dbea

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
mgmt: add label-related calls 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
010d40d

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
tests: storage and labels 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
8371ffc

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 16, 2017

@marmarek
mgmt: drop ProtocolRepr 
Since we've added type= argument to property.Get format, it isn't
useful anymore.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
f93674d

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 17, 2017

@marmarek
mgmt: allow functions to return None if no data is to be returned 
Don't force `return ''` everywhere.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
2c115bb

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 28, 2017

@marmarek
mgmt: minor adjustments 
per @woju review

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
ad456a3

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 28, 2017

@marmarek
vm: move validate_name to qubes/vm 
This will be needed by VMProperty class in the next commit.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
41fb563

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 28, 2017

@marmarek
mgmt: move property value sanitization to property definition 
This also means we don't check if a VM with given name (in case of
VMProperty) exists in the system, at this stage. But this is ok, lets
not duplicate work of property setter.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
050304c

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 28, 2017

@marmarek
vm: move validate_name to qubes/vm 
This will be needed by VMProperty class in the next commit.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
ce3bedb

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Mar 28, 2017

@marmarek
mgmt: move property value sanitization to property definition 
This also means we don't check if a VM with given name (in case of
VMProperty) exists in the system, at this stage. But this is ok, lets
not duplicate work of property setter.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
da3de1a

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
Add documentation for mgmt 
QubesOS/qubes-issues#2622
93153da

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
qubes/mgmt: Drop custom repr 
QubesOS/qubes-issues#2622
a5c59a5

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
qubes/libvirtaio: document and prepare for upstream 
QubesOS/qubes-issues#2622
80807fb

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
Move libviraio to core-libvirt, may be upstreamed 
QubesOS/qubes-issues#2622
8e3621c

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
qubes/vm/qubesvm: async def start 
QubesOS/qubes-issues#2622
cce809c

woju added a commit to woju/qubes-core-admin that referenced this issue Mar 31, 2017

@woju
spec: update and tidy up python dependencies 
QubesOS/qubes-issues#2622
8defc88

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue May 25, 2017

@marmarek
admin: implement admin.vm.volume.Import 
Implement this in two parts:
1. Permissions checks, getting a path from appropriate storage pool
2. Actual data import

The first part is done by qubesd in a standard way, but then, instead of
accepting all the data (which may be several GB), return a path to which
a shell script (in practice: `dd` command) will write the data.
Then the script call back to qubesd again to report success/failure and
qubesd response from that call is actually returned to the user.

This way we do not pass all the data through qubesd, but still can
control the process from there in a meaningful way. Note that the last
part (second call to qubesd) may perform all kind of verification (like
a signature check on the data, or so) and can also prevent VM from
starting (hooking also domain-pre-start event) from not verified image.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
09df4f9

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue May 25, 2017

@marmarek
admin-api: fix handling admin.vm.property.Set with None VM value 
Setting VMProperty to None VM should be encoded as '' value (according
to VMProperty._none_value). But value validation rejected this value.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
8606d2a

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue May 26, 2017

@marmarek
admin: implement admin.vm.volume.Import 
Implement this in two parts:
1. Permissions checks, getting a path from appropriate storage pool
2. Actual data import

The first part is done by qubesd in a standard way, but then, instead of
accepting all the data (which may be several GB), return a path to which
a shell script (in practice: `dd` command) will write the data.
Then the script call back to qubesd again to report success/failure and
qubesd response from that call is actually returned to the user.

This way we do not pass all the data through qubesd, but still can
control the process from there in a meaningful way. Note that the last
part (second call to qubesd) may perform all kind of verification (like
a signature check on the data, or so) and can also prevent VM from
starting (hooking also domain-pre-start event) from not verified image.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
3cacf29

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue May 26, 2017

@marmarek
admin-api: fix handling admin.vm.property.Set with None VM value 
Setting VMProperty to None VM should be encoded as '' value (according
to VMProperty._none_value). But value validation rejected this value.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
607dcba

woju added a commit to woju/qubes-core-admin-client that referenced this issue May 29, 2017

@woju
app: close payload_stream in qubesd_call 
This is to prevent leaking file descriptors.

QubesOS/qubes-issues#2622
0a556fa

woju added a commit to woju/qubes-core-admin that referenced this issue May 29, 2017

@woju
qubes.tests asyncio 
QubesOS/qubes-issues#2622
b256af3

woju added a commit to woju/qubes-core-admin that referenced this issue May 29, 2017

@woju
qubes-rpc/admin.vm.volume.Import: fix dd flags 
QubesOS/qubes-issues#2622
0fdcbfc

woju added a commit to woju/qubes-core-admin that referenced this issue May 29, 2017

@woju
qubes/vm/qubesvm: don't use .run_service() for .run() 
QubesOS/qubes-issues#2622
b212a75

woju added a commit to woju/qubes-core-admin that referenced this issue May 29, 2017

@woju
qubes.admin documentation UNFINISHED 
QubesOS/qubes-issues#2622
51ee2a5

woju added a commit to woju/qubes-core-admin that referenced this issue May 30, 2017

@woju
qubes.tests asyncio, part 2 
QubesOS/qubes-issues#2622
42cbd9f

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 3, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
9f95bdf

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 3, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
a4115e9

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 3, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
8dfbcb3

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 3, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
e4e1289

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 3, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
6cad3be

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 5, 2017

@marmarek
vm: change kernel=None to kernel='' 
vm.kernel property have type 'str'. Putting None there makes a lot of
troubles: it gets encoded as 'None' in qubes.xml and then loaded back as
'None' string, not None value. Also it isn't possible to assign None
value to str property throgh Admin API.

kernel='' is equally good to specify "no kernel from dom0".

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
4c4f903

woju added a commit to woju/qubes-core-admin-client that referenced this issue Jun 8, 2017

@woju
app: close payload_stream in qubesd_call 
This is to prevent leaking file descriptors.

QubesOS/qubes-issues#2622
996a93f

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
tags support 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
90a923c

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
storage: add volume clone method 
Clone volume without retrieving all the data.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
3544c57

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
Implement VM clone as create + copy data+metadata 
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
91b7e24

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 19, 2017

@marmarek
admin: add admin.vm.volume.Clone 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
aadbe22

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 19, 2017

@marmarek
admin: implement admin.vm.tag.* 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
9242202

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
storage: add volume clone method 
Clone volume without retrieving all the data.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
1dd49a7

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
Implement VM clone as create + copy data+metadata 
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
7cd233f

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
storage: add volume clone method 
Clone volume without retrieving all the data.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
ab4be5f

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
Implement VM clone as create + copy data+metadata 
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
bfa8d0a

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
tags support 
QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
31988a9

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
storage: add volume clone method 
Clone volume without retrieving all the data.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
998a427

marmarek added a commit to marmarek/qubes-core-admin-client that referenced this issue Jun 19, 2017

@marmarek
Implement VM clone as create + copy data+metadata 
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
bcd026d

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
api/admin: skip firewall in vm.Clone 
This operation is going to be removed, so apply a quick fix for tests.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
65d15e6

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
qubes: validate if property value consists of ASCII only earlier 
Do this for all standard property types - even if other types do
additional validation, do not expose them to non-ASCII characters.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
9198416

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
api/admin: firewall-related methods 
In the end firewall is implemented as .Get and .Set rules, with policy
statically set to 'drop'. This way allow atomic firewall updates.

Since we already have appropriate firewall format handling in
qubes.firewall module - reuse it from there, but adjust the code to be
prepared for potentially malicious input. And also mark such variables
with untrusted_ prefix.

There is also third method: .Reload - which cause firewall reload
without making any change.

QubesOS/qubes-issues#2622
Fixes QubesOS/qubes-issues#2869
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
0200fda

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
api/admin: remove admin.vm.Clone operation 
The same can be achieved with Create+volume.Clone

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
3dcd29a

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
api/admin: split vm.volume.Clone to CloneFrom and CloneTo 
The first operation returns a token, which can be passed to the second
one to actually perform clone operation. This way the caller needs have
power over both source and destination VMs (or at least appropriate
volumes), so it's easier to enforce appropriate qrexec policy.

The pending tokens are stored on Qubes() instance (as QubesAdminAPI is
not persistent). It is design choice to keep them in RAM only - those
are one time use and this way restarting qubesd is a simple way to
invalidate all of them. Otherwise we'd need some additional calls like
CloneCancel or such.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
ee29e24

marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Jun 26, 2017

@marmarek
api/admin: split vm.volume.Clone to CloneFrom and CloneTo 
The first operation returns a token, which can be passed to the second
one to actually perform clone operation. This way the caller needs have
power over both source and destination VMs (or at least appropriate
volumes), so it's easier to enforce appropriate qrexec policy.

The pending tokens are stored on Qubes() instance (as QubesAdminAPI is
not persistent). It is design choice to keep them in RAM only - those
are one time use and this way restarting qubesd is a simple way to
invalidate all of them. Otherwise we'd need some additional calls like
CloneCancel or such.

QubesOS/qubes-issues#2622
Verified
This commit was signed with a verified signature.
@marmarek marmarek Marek Marczykowski-Górecki
GPG key ID: 063938BA42CFA724 Learn about signing commits
Loading status checks…
26a9974

This was referenced Jul 4, 2017

Closed
Closed
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Jul 7, 2017

Member

I'm going to ignore admin.pool.volume.* for Qubes 4.0, since we don't need them now (there are admin.vm.volume.* equivalent). But keep it in specification and implement when we will have use case for them.

So, for now, only backup-related calls are missing.
Member

marmarek commented Jul 7, 2017

I'm going to ignore admin.pool.volume.* for Qubes 4.0, since we don't need them now (there are admin.vm.volume.* equivalent). But keep it in specification and implement when we will have use case for them.

So, for now, only backup-related calls are missing.

@andrewdavidwong andrewdavidwong modified the milestones: Release 4.0, Release 4.1 Mar 31, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment